Configuring OneLogin as an SMA Authentication Server

Configuring OneLogin as an SAML Identity Provider is done by configuring a OneLogin Authentication server on an SMA appliance.

To configure OneLogin as an SMA Authentication Server

1. In the AMC, navigate to System Configuration > Authentication Servers.

   

2. Under Authentication servers, click the + (New) icon. The Add Authentication Server page displays.

   

3. Select SAML 2.0 Identity Provider.

4. Click Continue.... The Edit Authentication Server page displays.

   

   The steps that follow explain how to configure the fields in the Configure Authentication Server .

5. In the Name field, enter OneLogin_IDP.

6. In the Appliance ID field, enter the Audience/SP Identity from the Configuration tab of the SonicWall VPN page. For example, https://appliance.company.com.

7. In the Server ID field, enter the Issuer URL from the Configuration tab of the SonicWall VPN page. For example, https://app.onelogin.com/saml/metadata/xxxx.

8. In the Authentication service URL field, enter the IDP Login URL from the SSO tab of the SonicWall VPN page. For example,

   https://company.onelogin.com/trust/saml2/http-post/sso/xxxx.

9. In the Logout service URL field, enter the SLO Endpoint (HTTP) from the SSO tab of the SonicWall VPN page. For example,

   https://company.onelogin.com/trust/saml2/http-redirect/slo/xxxx.

10. From the Trust the following certificate drop-down menu, select the X.509 Certificate.

    You must first download and install this certificate before it can appear in this drop-down menu. See Downloading a Certificate for instructions on how to do this.

11. (Optional) Select the Sign AuthnRequest message using this certificate if you want it, then select the appropriate certificate.

12. Click Save.